<?php
include_once('common/header.php');	
if($AppUI->id <= 0 || !isset($_SERVER['HTTP_REFERER'])) {
	echo '{error:\'' . 1 . '\''. ",\n" . 'msg: \'' . $arrError[1] . '\'}';
	exit();
}
$strRefer		= isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$intUserId		= $AppUI->id;
$oFile			= isset($_FILES['pimage']) ? $_FILES['pimage'] : null;
$strToken		= $objRequest->getParam('token', '');
$strSession		= Vfriend_Function::getSecret($intUserId, SE_ACCOUNT_COVER_UPLOAD);
$intError		= 0;
$strImage		= '';
if($intError == 0 && $oFile['name'] != '') {
	$arrImage	= Vfriend_Upload::uploadCover($oFile, $strImage);
	if($arrImage['error'] > 0) {
		$intError = 24;
	}
} else {
	$intError = 23;
}
if(Vfriend_Function::isValidLink($strRefer)  && $strToken != '' && $strToken == $strSession) {
	Vfriend_Function::deleteSecret($intUserId, SE_ACCOUNT_COVER_UPLOAD);
	$objCover 	= new Cover();
	$intError	= $objCover->add($intUserId, $AppUI->hex, $strImage);
	if($intError > 0) {
		$intError	= 25;
	} 
} else {
	$intError	= 26;
}
if($intError > 0) {
	$strMessage	= $arrError[$intError];
} else {
	$strMessage	= $arrMessage[13];		
}
$arrJson = array('error'=>$intError,'msg'=>$strMessage);
echo Zend_Json::encode($arrJson);
exit();
?>